RFR: 8343232: PKCS#12 KeyStore support for RFC 9579: Use of Password-Based Message Authentication Code 1 (PBMAC1) [v3]
Weijun Wang
weijun at openjdk.org
Wed Sep 17 14:50:48 UTC 2025
On Fri, 5 Sep 2025 13:06:47 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Mark Powers has updated the pull request incrementally with one additional commit since the last revision:
>>
>> a few more comments
>
> src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java line 544:
>
>> 542: "com.sun.crypto.provider.PBES2Parameters$HmacSHA512_256AndAES_256");
>> 543:
>> 544: psA("AlgorithmParameters", "PBMAC1",
>
> Why do we need to expose this as a standard `AlgorithmParameters` algorithm as part of this change? Maybe this would be useful later, but I don't think it is needed as this enhancement is just for internal use in PKCS12 KeyStore.
@mcpowers Have you removed this in the latest commits?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2355795009
More information about the security-dev
mailing list